Exemplo n.º 1
 /**
  * Entry page for binding a WeChat account to the site account.
  *
  * Flow as written: a logged-in user who already has a WxConnect row is sent
  * to '/'. A request with no openid on the controller is bounced once through
  * the /weixin/oauth endpoint (the `redirect` query flag marks the second
  * pass, after which the request is rejected). An openid that is already
  * bound to an account is rejected as well.
  *
  * @param object $ctx Page context; only its `title` is written here.
  */
 function index($ctx)
 {
     $ctx->title = '绑定微信账号';
     // NOTE(review): the cookie is set with default path and no Secure/HttpOnly
     // flags; confirm that is intended.
     setcookie('no_subscribe_prj', '', time() + 3600);

     $current = UC::auth();
     if ($current) {
         $existing = WxConnect::get_by('user_id', $current['id']);
         if ($existing) {
             _redirect('/');
         }
     }

     if ($this->openid) {
         $existing = WxConnect::get_by('wx_openid', $this->openid);
         if ($existing) {
             _throw('此微信号已经绑定过懒投资账号, 请先解绑!');
         }
     } else {
         if (!$_GET['redirect']) {
             // Avoid a redirect loop
             UC::logout();
             // Use the axelahome.com domain so the session is not lost across domains
             $bindUrl = _url('https://axelahome.com/weixin/bind', array('redirect' => 1));
             $oauthUrl = _url('https://axelahome.com/weixin/oauth', array('jump' => $bindUrl));
             _redirect($oauthUrl);
         }
         _throw("链接已经过期, 请重新获取微信消息!", 200);
     }
 }
Exemplo n.º 2
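 /**
  * WeChat OAuth callback: exchanges the `code` query parameter for an openid,
  * then either logs in the account bound to that openid or stores the openid
  * in the session for the bind page, and finally redirects to `jump`.
  *
  * Review notes:
  *  - `jump` is request-controlled. The only open-redirect protection visible
  *    here is self::validate_url(), whose rules are not shown; verify it
  *    restricts the target to this site's own hosts.
  *  - No OAuth `state` value is checked in this method, so nothing visible
  *    ties the callback to a flow this browser started. Confirm that is
  *    handled elsewhere.
  *  - The app secret is sent in the query string of the token request; make
  *    sure neither Http::get() nor Http::$error ever logs the full URL.
  *
  * @param mixed $ctx Request context; not read by this method.
  */
 function callback($ctx)
 {
     // Accept only string query values: a missing or array-valued parameter
     // becomes '' instead of raising a notice or a type error in trim().
     $rawJump = (isset($_GET['jump']) && is_string($_GET['jump'])) ? $_GET['jump'] : '';
     $jump = htmlspecialchars(trim($rawJump));
     self::validate_url($jump);
     if (!$this->appid || !$this->secret) {
         _redirect($jump);
     }
     $rawCode = (isset($_GET['code']) && is_string($_GET['code'])) ? $_GET['code'] : '';
     $code = urlencode(htmlspecialchars(trim($rawCode)));
     if (!$code) {
         _redirect($jump);
     }
     $wx_url = 'https://api.weixin.qq.com/sns/oauth2/access_token';
     $wx_url = "{$wx_url}?appid={$this->appid}&secret={$this->secret}&code={$code}&grant_type=authorization_code";
     $resp = Http::get($wx_url);
     // Decode only a real response body; a failed request yields no array.
     $ret = is_string($resp) ? json_decode($resp, true) : null;
     // !empty() also covers an error reply that has no `openid` key.
     if (is_array($ret) && !empty($ret['openid'])) {
         $connect = WxConnect::get_by('wx_openid', $ret['openid']);
         if ($connect) {
             Logger::info("wx_openid[{$ret['openid']}] oauth login, uid: {$connect->user_id}");
             $profile = Profile::get($connect->user_id);
             // Locked profiles are never logged in through this path.
             if ($profile && $profile->status != Profile::STATUS_LOCK) {
                 UC::force_login($profile);
             }
         } else {
             // Compatibility with /weixin/bind, which reads the openid from the session
             // NOTE(review): the session id is not regenerated before the openid is
             // stored; consider session_regenerate_id(true) after session_start().
             session_start();
             $_SESSION['wx_openid'] = $ret['openid'];
         }
     } else {
         // NOTE(review): this writes the authorization code and the raw token-endpoint
         // reply to the log; confirm the log is access-restricted.
         Logger::info("weixin oauth, code: {$code}, resp: {$resp}, " . Http::$error);
     }
     _redirect($jump);
 }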
Exemplo n.º 3
 /**
  * Controller bootstrap that requires an authenticated user.
  *
  * Stores the result of UC::auth() on the context. When there is no user the
  * request is redirected to 'login', with the current request URI passed as
  * the `jump` parameter.
  *
  * NOTE(review): `jump` carries REQUEST_URI as received; the login handler
  * that consumes it is not shown here and should accept only same-site paths.
  *
  * @param object $ctx Request context; `user` is written here.
  */
 function init($ctx)
 {
     parent::init($ctx);
     $ctx->user = UC::auth();
     if ($ctx->user) {
         return;
     }
     $requested = $_SERVER['REQUEST_URI'];
     _redirect('login', array('jump' => $requested));
 }
Exemplo n.º 4
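 /**
  * Applies credit values pushed from another application and records each
  * change in the points log.
  *
  * Changes from the earlier version of this method:
  *  - The uid and the member name are escaped before being placed in the
  *    INSERT statement. Both were interpolated raw; the name is read back
  *    from the database, so it is a second-order injection path.
  *  - A call to infoMember() on `$model_member`, a variable never defined in
  *    this scope, was removed. Its result was unused and the call could only
  *    fail at runtime.
  *  - The unused `$updateMemberData` local was removed.
  *
  * NOTE(review): the UPDATE filters on column `uid` while both SELECTs filter
  * on `member_id`; confirm which column the member table really has.
  * NOTE(review): this method wraps UC::escape() output in quotes. If
  * UC::escape() already returns a quoted literal, the quotes must be dropped.
  *
  * @param mixed $arr Expected shape: uid => (credit id => new value); any
  *                   non-array input is ignored.
  * @return ApiResponse Always ApiResponse(1).
  */
 function syncredit($arr)
 {
     if (is_array($arr)) {
         foreach ($arr as $uid => $setv) {
             // Escape once and reuse the escaped value in every statement below.
             $uidSql = UC::escape($uid);
             foreach ($setv as $cid => $value) {
                 // Points are forced to an integer before reaching SQL.
                 $value = intval($value);
                 $this->db->query("UPDATE " . $this->tablepre . "member SET member_points={$value} WHERE uid='" . $uidSql . "'");
                 $member_name = $this->db->result_first("SELECT member_name FROM " . $this->tablepre . "member WHERE member_id='" . $uidSql . "'");
                 // Read after the UPDATE above, as before.
                 $member_points = $this->db->result_first("SELECT member_points FROM " . $this->tablepre . "member WHERE member_id='" . $uidSql . "'");
                 $amount = $value - $member_points;
                 $this->db->query("INSERT INTO " . $this->tablepre . "points_log (pl_memberid, pl_membername, pl_points, pl_addtime, pl_desc, pl_stage) VALUES ('" . $uidSql . "', '" . UC::escape($member_name) . "', '{$amount}', '" . time() . "', '" . getGBK('来自其它应用的积分兑入') . "', 'app')");
             }
         }
     }
     return new ApiResponse(1);
 }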
Exemplo n.º 5
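 /**
  * Controller bootstrap that only serves requests whose Referer belongs to
  * an allowed domain (the check is skipped when ENV is 'dev').
  *
  * The host match is strict: the Referer must be http(s)://<allowed domain>/
  * or a dot-separated subdomain of it. The previous pattern accepted any
  * characters before the domain and treated '.' as a wildcard, so a lookalike
  * host ending in the allowed name also passed.
  *
  * NOTE(review): a Referer check is a weak origin control. Clients may omit
  * the header or send any value. Pair it with a per-session token for
  * state-changing requests.
  *
  * @param object $ctx Request context; `user` is written here.
  */
 function init($ctx)
 {
     parent::init($ctx);
     header('P3P:CP=" OTI DSP COR IVA OUR IND COM "');
     // The header is optional; a missing Referer is treated as empty.
     $ref = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
     $allow_domains = array('axelahome.com');
     $allow = false;
     foreach ($allow_domains as $domain) {
         // Anchor at the scheme, allow only whole DNS labels in front of the
         // domain, and quote the domain so '.' matches a literal dot.
         $pattern = '#^https?://(?:[a-z0-9-]+\.)*' . preg_quote($domain, '#') . '/#i';
         if (preg_match($pattern, $ref)) {
             $allow = true;
             break;
         }
     }
     if (ENV != 'dev' && !$allow) {
         _throw("非法的 Referer: " . htmlspecialchars($ref));
     }
     $ctx->user = UC::auth();
 }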
Exemplo n.º 6
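 /**
  * One-time-token login from a WeChat message link.
  *
  * Reads `token` and `jump` from the query string. A valid 32-character
  * token is looked up and deleted (single use); its openid is stored in the
  * session and, when bound to an account, that account is logged in. The
  * request ends with a redirect to `jump`.
  *
  * Changes from the earlier version of this method:
  *  - The `jump` check is anchored at the start of the URL and the host is
  *    quoted. The old pattern was unanchored, so a foreign URL that merely
  *    contained "http://<host>/" later in the string passed the check.
  *  - `$sess` is initialised, so a token of the wrong length no longer reads
  *    an undefined variable.
  *  - Missing or array-valued query parameters are treated as ''.
  *  - The no-session branch returns after redirecting, so the login code
  *    below cannot run without a session even if _redirect() returns.
  *
  * NOTE(review): unlike the OAuth callback path, this method neither checks
  * that Profile::get() returned a profile nor tests Profile::STATUS_LOCK
  * before UC::force_login(). Confirm whether locked accounts should be able
  * to log in through token links.
  *
  * @param mixed $ctx Request context; not read by this method.
  */
 function index($ctx)
 {
     $rawJump = (isset($_GET['jump']) && is_string($_GET['jump'])) ? $_GET['jump'] : '';
     $jump = htmlspecialchars(trim($rawJump));
     $host = Html::host();
     // Only this site's host, or a dot-separated subdomain of it, is accepted.
     $pattern = '#^https?://(?:[a-z0-9-]+\.)*' . preg_quote($host, '#') . '/#i';
     if (!preg_match($pattern, $jump)) {
         $jump = '';
     }
     // Validate the token
     $rawToken = (isset($_GET['token']) && is_string($_GET['token'])) ? $_GET['token'] : '';
     $token = htmlspecialchars(trim($rawToken));
     $sess = null;
     if (strlen($token) == 32) {
         $sess = WxTmpLogin::get_session($token);
         if ($sess) {
             // Tokens are single use: delete as soon as one is redeemed.
             WxTmpLogin::del_session($token);
         }
     }
     if (!$sess) {
         // A former "link expired" error for unknown tokens is disabled;
         // such requests are simply redirected.
         _redirect($jump);
         return;
     }
     // NOTE(review): the session id is not regenerated before the openid is
     // stored; consider session_regenerate_id(true) after session_start().
     session_start();
     $_SESSION['wx_openid'] = $sess['openid'];
     $connect = WxConnect::get_by('wx_openid', $sess['openid']);
     if (!$connect) {
         setcookie(WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX, 1, time() + 3600 * 24, '/');
         Logger::info("not connected wx_openid: {$sess['openid']}");
         UC::logout();
     } else {
         $uid = $connect->user_id;
         $profile = Profile::get($uid);
         setcookie('ltz_wx_binded', 1, time() + 3600 * 24 * 365, "/");
         // Already bound, so the auto-bind cookie is removed
         if (isset($_COOKIE[WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX])) {
             setcookie(WxTmpLogin::COOKIE_KEY_AUTO_BIND_WX, '', time() - 1, '/');
         }
         Logger::info("wx_openid[{$sess['openid']}] login, uid: {$uid}, {$profile->name}");
         UC::force_login($profile);
     }
     _redirect($jump);
 }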
Exemplo n.º 7
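 /**
  * Updates a member's username, password and/or e-mail when they differ
  * from the stored values.
  *
  * Stored and supplied values are compared as strings with `!==`. The
  * earlier loose `!=` treats numeric-looking strings as numbers, so two
  * different MD5 digests of the form "0e<digits>" compared equal and the
  * password change was silently skipped.
  *
  * NOTE(review): passwords are stored as unsalted MD5, which is unsuitable
  * for password storage. Moving to password_hash()/password_verify() changes
  * the stored format and the login path, so it is flagged here, not changed.
  *
  * @param mixed  $uid      Member id; escaped with UC::escape() for the query.
  * @param string $username New username, or empty to leave unchanged.
  * @param string $pwd      New plain-text password, or empty to leave unchanged.
  * @param string $email    New e-mail, or empty to leave unchanged.
  * @return int 0 when nothing changed, 1 when a field other than the
  *             username changed, 2 when the username changed.
  */
 function edit($uid, $username, $pwd, $email)
 {
     $user = $this->get_by_uid($uid);
     $ucsql = array();
     $retv = 0;
     if ($username && (string) $user['username'] !== (string) $username) {
         $ucsql['username'] = $username;
         $retv++;
     }
     if ($pwd) {
         $hash = md5($pwd);
         if ((string) $user['password'] !== $hash) {
             $ucsql['password'] = $hash;
         }
     }
     if ($email && (string) $user['email'] !== (string) $email) {
         $ucsql['email'] = $email;
     }
     if ($ucsql) {
         $retv++;
         // Column values pass through UC::sqlSingle(), the id through UC::escape().
         $this->db->update("UPDATE " . UC_DBTABLEPRE . "members SET " . UC::sqlSingle($ucsql) . ' WHERE uid=' . UC::escape($uid));
     }
     return $retv;
 }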
Exemplo n.º 8
/**
 * Dispatches a call to a method of a UC controller.
 *
 * The UC core object is created on first use and kept in a function-static
 * variable. The controller is obtained from $uc->control($class); when it
 * has the named method, that method is called with $args.
 *
 * NOTE(review): $class and $method select what gets executed. Callers should
 * pass fixed names or check them against an allow-list, never request input
 * as received.
 *
 * @param string $class  Controller name handed to UC::control().
 * @param string $method Method to call on the controller.
 * @param array  $args   Positional arguments for the method.
 * @return mixed The method's return value, or the string 'error' when the
 *               controller has no such method.
 */
function uc_data_request($class, $method, $args = array())
{
    static $uc = null;
    if (empty($uc)) {
        require_once UC_CLIENT_ROOT . 'class_core.php';
        $uc = new UC();
    }

    $controller = $uc->control($class);
    if (!method_exists($controller, $method)) {
        return 'error';
    }

    return call_user_func_array(array($controller, $method), $args);
}
Exemplo n.º 9
 /**
  * Fetches one row of the ucnotify table by its nid.
  *
  * The id is placed in the query through UC::escape() with no surrounding
  * quotes, so the query relies on UC::escape() returning a complete, quoted
  * SQL literal.
  *
  * @param mixed $nid Notification id.
  * @return mixed Whatever $this->db->get_one() returns for the query.
  */
 function get_by_id($nid)
 {
     $sql = "SELECT * FROM " . UC_DBTABLEPRE . "ucnotify WHERE nid=" . UC::escape($nid);
     return $this->db->get_one($sql);
 }
Exemplo n.º 10
Arquivo: js.php Projeto: TopGrd/newxb
 /**
  * Turns a value into a quoted SQL string literal (padded with one space on
  * each side), or does so for every element of an array.
  *
  * Numeric values are quoted as they are; any other scalar is passed through
  * addslashes() first. Array elements are escaped through UC::escape() and
  * trimmed, keeping their keys.
  *
  * NOTE(review): addslashes() does not know the connection character set, so
  * it is not a safe escape under multi-byte encodings such as GBK. The
  * database driver's own escaping or prepared statements are the robust
  * alternative.
  *
  * @param mixed $var Scalar or array of values.
  * @return mixed Quoted literal string, or the array with each element quoted.
  */
 function escape($var)
 {
     if (!is_array($var)) {
         // is_numeric() input cannot contain a quote or backslash, so it is
         // quoted without further escaping.
         $literal = is_numeric($var) ? $var : addslashes($var);
         return " '" . $literal . "' ";
     }

     $escaped = array();
     foreach ($var as $key => $value) {
         $escaped[$key] = trim(UC::escape($value));
     }
     return $escaped;
 }
Exemplo n.º 11
 /**
  * Loads all credit values of one user from uc_usercredit.
  *
  * The uid is placed in the query through UC::escape() with no surrounding
  * quotes, so the query relies on UC::escape() returning a complete, quoted
  * SQL literal.
  *
  * @param mixed $uid User id.
  * @return array Map of credit id (cid) => value; empty when no rows match.
  */
 function get22($uid)
 {
     $credits = array();
     $result = $this->db->query("SELECT cid,value FROM uc_usercredit WHERE uid=" . UC::escape($uid));
     for (;;) {
         $row = $this->db->fetch_array($result);
         if (!$row) {
             break;
         }
         $credits[$row['cid']] = $row['value'];
     }
     return $credits;
 }
Exemplo n.º 12
        $myApp = $uc->load('app');
        $applist = $myApp->applist();
        $page < 1 && ($page = 1);
        $total = $db->get_one("SELECT COUNT(*) AS sum FROM pw_ucsyncredit");
        $limit = S::sqlLimit($page - 1, 20);
        $creditdb = array();
        $query = $db->query("SELECT u.*,m.username FROM pw_ucsyncredit u LEFT JOIN pw_members m ON u.uid=m.uid {$limit}");
        while ($rt = $db->fetch_array($query)) {
            $creditdb[] = $rt;
        }
        include PrintEot('ucnotify');
        exit;
    } else {
        S::gp(array('selid'));
        $basename .= '&action=syncredit';
        if ($selid) {
            $db->update("DELETE FROM pw_ucsyncredit WHERE uid IN(" . S::sqlImplode($selid) . ')');
        }
        adminmsg('operate_success');
    }
} elseif ($action == 'synupdate') {
    S::gp(array('uid', 'appid'));
    if ($uid && $appid) {
        require_once R_P . 'uc_client/class_core.php';
        $uc = new UC();
        $myCredit = $uc->load('credit');
        $myCredit->synupdate($appid, array($uid));
    }
    $basename .= '&action=syncredit';
    adminmsg('operate_success');
}
Exemplo n.º 13
 /**
  * Builds the value groups of a multi-row INSERT: "(…) , (…)".
  *
  * Each non-empty element is rendered by UC::implode() and wrapped in
  * parentheses; empty elements are skipped. All escaping is delegated to
  * UC::implode(), which is not visible here.
  *
  * @param array $array List of rows, each a list of column values.
  * @return string The joined groups, or '' when no row is non-empty.
  */
 function sqlMulti($array)
 {
     $groups = '';
     foreach ($array as $row) {
         if (empty($row)) {
             continue;
         }
         // The first group is preceded by a space, later ones by ", ".
         $separator = $groups ? ', ' : ' ';
         $groups .= $separator . '(' . UC::implode($row) . ') ';
     }
     return $groups;
 }
Exemplo n.º 14
    //ifcheck($uc_client, 'ifcheck');
    ${'ifcheck_' . intval($uc_server)} = 'checked';
    include PrintEot('ucset');
    exit;
} else {
    InitGP(array('uc_server'), 'P', 2);
    setConfig('uc_server', $uc_server);
    if ($uc_server) {
        InitGP(array('uc_appid', 'uc_key'));
        if ($uc_server == '1') {
            $uc_appid = 1;
            !$uc_key && ($uc_key = randstr(20));
            $db->update("UPDATE pw_ucapp SET uc='0'");
            $db->pw_update("SELECT * FROM pw_ucapp WHERE id=" . pwEscape($uc_appid), "UPDATE pw_ucapp SET secretkey=" . pwEscape($uc_key) . ",uc='1' WHERE id=" . pwEscape($uc_appid), "INSERT INTO pw_ucapp SET " . pwSqlSingle(array('id' => $uc_appid, 'name' => $db_bbsname, 'siteurl' => $db_bbsurl, 'secretkey' => $uc_key, 'uc' => 1)));
            require_once R_P . 'uc_client/class_core.php';
            $uc = new UC();
            $myApp = $uc->load('app');
            $myApp->checkColumns();
        } elseif ($uc_server == '2') {
            InitGP(array('uc_dbhost', 'uc_dbuser', 'uc_dbpw', 'uc_dbname', 'uc_dbpre', 'uc_dbcharset'));
            $uc_appid = intval($uc_appid);
            (!$uc_appid || $uc_appid < 2) && ($uc_appid = 2);
            setConfig('uc_dbhost', $uc_dbhost);
            setConfig('uc_dbuser', $uc_dbuser);
            setConfig('uc_dbpw', $uc_dbpw);
            setConfig('uc_dbname', $uc_dbname);
            setConfig('uc_dbpre', $uc_dbpre);
            setConfig('uc_dbcharset', $uc_dbcharset);
        }
    }
    setConfig('uc_appid', $uc_appid);
Exemplo n.º 15
<?php

// Direct-access guard: this script is meant to be included by the admin
// front controller, which defines adminmsg(). Requested on its own, it stops.
if (!function_exists('adminmsg')) {
    exit('Forbidden');
}

// The credit-sync pages are only used when $uc_server is 1; otherwise report
// that and have the message page close the admin tab.
// NOTE(review): $uc_server, $basename and $db_adminrecord are not defined in
// this file; they are presumably set by the including script. Confirm.
if ($uc_server != 1) {
    $db_adminrecord = 0;
    $basename = "javascript:parent.closeAdminTab(window);";
    adminmsg('uc_server_set');
}

require_once R_P . 'uc_client/class_core.php';
$uc = new UC();
$credittype = pwCreditNames();
if (empty($action)) {
    $ucApp = $uc->load('app');
    $applist = $ucApp->applist();
    include PrintEot('uccredit');
    exit;
} elseif ($action == 'create') {
    $ucApp = $uc->load('app');
    $applist = $ucApp->applist();
    if (empty($_POST['step'])) {
        $setv = '';
        include PrintEot('uccredit');
        exit;
    } else {
        S::gp(array('cid', 'ctype'));
        $basename .= '&action=create';
        if (!$cid || !isset($credittype[$cid])) {
            adminmsg('uc_cname_empty');
        }
        !$uc_syncredit && ($uc_syncredit = array());
        if (isset($uc_syncredit[$cid])) {